Bug 1711722 (CVE-2019-10141)
Summary: | CVE-2019-10141 openstack-ironic-inspector: SQL Injection vulnerability when receiving introspection data | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Summer Long <slong> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | high | Docs Contact: | |
Priority: | high | ||
Version: | unspecified | CC: | bfournie, dbecker, dtantsur, jjoyce, jkreger, jschluet, kbasil, lhh, lpeer, mburns, rhos-maint, sclewis, slinaber, zbitter |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | openstack-ironic-inspector 5.0.2, openstack-ironic-inspector 6.0.3, openstack-iron-inspector 7.2.4, openstack-ironic-inspector 8.0.3, openstack-ironic-inspector 8.2.1 | Doc Type: | If docs needed, set a value |
Doc Text: |
A SQL-injection vulnerability was found in openstack-ironic-inspector's node_cache.find_node(). This function makes a SQL query using unfiltered data from a server reporting inspection results (by a POST to the /v1/continue endpoint). Because the API is unauthenticated, the flaw could be exploited by an attacker with access to the network on which ironic-inspector is listening. Because of how ironic-inspector uses the query results, it is unlikely that data could be obtained. However, the attacker could pass malicious data and create a denial of service.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2019-07-12 13:07:11 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1710402, 1712181, 1712182, 1712183, 1712184, 1712185, 1712186 | ||
Bug Blocks: | 1711459 |